Skip to content

Configuring the Storage

This article explains how the verifier storage works and how you can update your credential verification service to use a different storage solution.

1. Understand the credential verification service storage

The credential verification service uses a deployment of Partisia Platform as its storage solution. It's role within My Data Activation is to hold a smart contract for each and every verification session.

All transactions and their sequence are securely recorded, providing a reliable audit trail, thanks to the immutability of the blockchain technology behind this storage solution.

The credential verification service storage is used solely to store metadata about each verification. This includes information such as the status of the verification and the details of the data being requested. It does not store any data transmitted by the wallet, preventing any personal data from being stored.

2. Use the Partisia testnet for testing

The server.json configuration file used in the installation guide for the credential verification service is set to use Partisia Blockchain's testnet for the storage solution as a convenient way to test the credential verification service installation. This testnet, operated by the Partisia Foundation, provides a practical environment for understanding how My Data Activation functions prior to deploying the service in a production setting.

3. Prepare for production

However, before deploying your credential verification service into production you must run a deployment of Partisia Platform's blockchain and integrate it to your credential verification service. For more information on Partisia Platform deployments, and how to setup and run your own see the guide here.

Create a system user

Now that you have deployed your Partisia Platform you need a system user which will be in charge of deploying the smart contracts for the verification sessions:

  1. Install the cargo partisia cli
  2. Create a system user by running: cargo pbc account create

This will create an account and store a private key associated to this account in the directory where you run the create account command. The private key will be in a file called key.pk or {address}.pk. You will need this private key to configure your credential verification service storage.

4. Update your credential verification service configuration file

To integrate your credential verification service instance with your Partisia Platform deployment, update the stateConfigin your server.json configuration file:

  1. Provide the url of your deployment in the baseUrl field.
  2. Provide the private key of the user created above.
  3. You don't need to update the address of the WASM deploy contract in the deployPublic field. Every deployment of the Partisia Platform shares the same WASM deploy contract address.
Example configuration file:
server.json (truncated)
{
  "port": 8081,
  "baseUrl": "http://docker:8081",
  "registryConfig": {
    "..."
  },
  "stateConfig": {
    "baseUrl": "https://node1.testnet.partisiablockchain.com",
    "shards": 3,
    "privateKey": "348571a75bcb4f4adf169fe5a1c8f03af29b42435a7854d77fb873964f3fd9c1",
    "addresses": {
      "deployPublic": "0197a0e238e924025bad144aa0c4913e46308f9a4d"
    }
  },
  "claimsConfig": {
    "..."
  }
}
  • stateConfig Configures which blockchain should be used to store the verification states
    • baseUrl The url of a node in the blockchain?
    • shards Number of shards in the blockchain
    • privateKey a private key used to change the state of contracts
    • addresses Contract addresses used by the system
      • deployPublic Address of Partisia Platform's WASM deploy contract

5. Restart your credential verification service instance using Docker

After updating your server.json file you must update your credential verification service instance. To do this, stop any docker container using your specified port and run the following command:

docker run -d -p 8000:8081 -v PATH_TO_YOUR_SERVER.JSON:/conf/server.json registry.gitlab.com/secata/platform/did/did-verifier-backend:0.86.0

6. Verify your new configuration

You can test that your new registry works by creating a new presentation and making sure that you can check its status:

  1. Navigate to http://localhost:8000/openapi.

  2. You can start a new presentation by calling the presentation/oid4vp/new-request endpoint. This endpoint should return a request id and a request uri.

  3. Next, pass the requestId of your newly created request to the presentation/oid4vp/status/{requestId} endpoint. It should return the status verification of your request. For example:

{
    "status": "VERIFICATION_STARTED"
}